OSPFv2 Inter-Area Filtering & Prefix-Suppression

In the topology below, the routes from each access area are not advertised into the backbone area 0 (area 1 see's no area 2 routes and vice verse). Equally from the backbone area only the loopback0 IP of the aggregation node within an access area is advertised (ACC1x nodes have AGG1-Lo0 and AGG2-Lo0 but not COR1-Lo0).

This is achieved so that each area can operate as a separate LDP domain, scaling independently of the others. This is in line with the Seamless MPLS architecture. The LSDB within OSPF is made from LSAs being flooded within an area, which causes each router to built a graph tree of the topology. After the graph tree is built then the prefixes that were attached to the LSAs are processed. This distinction is important, LSAs are processed first to build the graph then IP prefixes are processed to build the SPT afterwards, prefixes are extra information attached to LSAs.

Cisco IOS/XE supports the "area N filter-list prefix prefix-list-name in/out" command. "in" filters prefixes being redistributed "into" the area "N". "out" filters prefixes are they are redistributed out of area "N". All the magic happens on the AGGx nodes, the ACCxx and CORx nodes are oblivious. Also note that Cisco's prefix-suppression feature has been used here to further scale the IGP. This has removed all the transit links from the Type 1 LSAs which would have shown up type 3 links (stub networks).

The outputs below show that within area 1 (the same is true within area 2) that each access router only has the loopbacks from other routers within the same area, and the AGGx nodes within that area (and no other core or aggregation nodes, e.g. COR1). Note that LDP has allocated labels for /32 loopback IPs only, no /30 point-to-point link ranges, even though the GNS3 image being used don't support the "mpls ldp label; allocate global host-routes" command the OSPF prefix-suppression feature stops those point-to-point link ranges from entering the IGP database, which is what LDP allocates labels against. This means that in-line with the Seamless MPLS design label usage is kept to loopbacks only.

The output above shows that ACC11 have two Type 3 Summary LSAs, one for the loopback0 IP on each AGG node which server as the gateways/ABRs for area 1 into the rest of the network. A router can not originate any LSAs into an area to which it is connected without originating a Type 1 LSA. This means that the loopback0 IPs on the AGGx nodes which are in area 0 can't be redistributed into area 1 as an inter-area Type 3 Summary LSA without also originating a Type 1 LSA. For AGG1 the Type 1 LSA will contain the loopback0 IP (10.0.0.1) as a type 1 link (point-to-point) with the neighboring router ID set to it's interface IP inside area 1 (10.1.11.1 towards ACC11).

The output below shows this Type 1 LSA from AGG1 and the Type 3 LSA which advertises the same loopback0 IP. Loopback0 is in area 0 which means AGG1 will by default it will send it as a Type 3 inter-area summary LSA. Because loopback0 isn't natively in area 1 it is not possible to only send the Type 1 LSA. The reason the Type 1 LSA is originated is because AGG1 wants to send the Type 3 LSA and as per the OSPF rule, no LSA can be sent into any area unless a Type 1 LSA has been originated first, to identify this local router in that area. This means that the inter-area advertisement requires a Type 1 and Type 3 LSA otherwise it can't be advertised inter-area at all:

The output below shows the AGG1 advertisement into area 1 before OSPF prefix-suppression was enabled. It shows that AGG1 is sending its point-to-point link subnet to ACC11 (10.1.11.0/30) as a type 3 link within the Type 1 Router LSA:

The output below shows the routing table on AGG1. It can be seen that the only OSPF routes are the loopback0 IPs from all areas AGG1 is connected to (area 0, area 1 and area 2) and no point-to-point /30 IPs in OSPF, only the point-to-point /30s for it's directly connected links are in the routing table:

The OSPF database from AGG1 below shows that it only has Type 1 LSAs within the core/backbone area 0. With each access area (1 & 2) it has Type 1 LSAs for the loopback0 IPs of the access PEs in each area and a Type 1 LSA and Type 3 LSA for it's own loopback0 IP in each area: